May 05, 2019

This short post catalogs some resources that may be useful for those interested in security data science. It is not meant to be an exhaustive list. It is meant to be a curated list to help you get started.

Staying Current with Security Data Science

Here is my current strategy for staying current with security data science research. It leans more heavily toward academic research, since this is what interests me at the moment.

New article alerts on these authors, with the bolded being the most relevant / interesting to me:

Alina Oprea - heavily focused on operational security ML.

Josh Saxe, Rich Harang, and Konstantin Berlin - heavily focused on malware detection/analytics using ML. Also a published book author.

Manos Antonakakis and Roberto Perdisci - heavily focused on network security analytics using ML with a specialty in DNS traffic.

Balduzzi Marco

Battista Biggio

Chaz Lever

Christopher Kruegel

Damon McCoy

David Dagon

David Freeman

Gianluca Stringhini

Giovanni Vigna

Guofei Gu

Han Yufei

Hossein Siadati

Issa Khalil

Jason (Iasonas) Polakis

Michael Donald Bailey

Michael Iannacone

Nick Feamster

Niels Provos

Nir Nissim

Patrick McDaniel

Stefan Savage

Steven Noel

Terry Nelms

Ting-Fang Yen

Vern Paxson

Wenke Lee

Yacin Nadji

Yanfang (Fanny) Ye

Yizheng Chen

Yuval Elovici

Twitter

Twitter can be a gold mine for new and relevant ideas, blogs, presentations, etc. for security data science. You just need to make sure you continually follow the right folks. Here is a short list of thought leaders in this space (if I left you off, it is my oversight, so please don’t take offense).

For a more exhaustive list of others I would recommend following on Twitter, see this gist. This list is focused on Threat Intel, Threat Hunting, Detection Engineering, IR, and Security Engineering. It is not exhaustive, but is a good start.

Conferences

Below are several interesting security conferences where research is published on security data science topics. It is a good idea to be on the lookout for the proceedings from these events.